Search
Close this search box.

What is POPIA?

POPIA is the acronym for the South African PROTECTION OF PERSONAL INFORMATION ACT (number 4 of 2013). The full enforcement of the law will start on 1 July 2021. Similar to the GDPR, the UK-GDPR, and the Brasilian LGPD, it promotes the protection of personal information processed by public and private bodies,  regulates the cross-border flow of personal information, and outlines the rights of data subjects.  POPIA also prescribes mandatory obligations to report data breach incidents to the data protection authority.

If a cookie (or some other technology) collects personal information, a responsible party must take reasonable steps to ensure that the data subject is aware of the collection (POPIA section 18).  This means that in South Africa, a website needs a cookie banner and a cookie policy. You should also ask for consent before placing statistics and/or target group cookies.  Those last types of cookies have marketing/tracking as their primary purpose.  Only cookies that are Functional for your website’s operation can be placed in South Africa without the user’s explicit consent. These types of cookies are also called strictly necessary or essential.

If you are also collecting more personal information on your website than just the (personal) information you receive through the use of cookies, local storage, or other resources,  it is advised by South African legal experts to also create a separate Privacy statement.

 

 

Join 1M+ users and install The Privacy Suite for WordPress locally, automated or fully customized, and access our awesome support if you need any help!

Complianz has received its Google CMP Certification to conform to requirements for publishers using Google advertising products.